28 matches found
SUSE CVE-2026-9638
Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
EUVD-2026-36456
Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
CVE-2026-9638
Crypt::PBKDF2 for Perl versions before 0.261630 are vulnerable because they generate salts with the built-in rand function, which is predictable and not suitable for cryptography. Affected component: Crypt::PBKDF2 (Perl). Root cause: use of insecure RNG for salts. Impact: cryptographic salts may ...
Linux Distros Unpatched Vulnerability : CVE-2026-9638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable a...
Medium: perl-Crypt-PasswdMD5
Issue Overview: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Affected Packages: perl-Crypt-PasswdMD5 Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...
Medium: perl-Crypt-PasswdMD5
Issue Overview: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Affected Packages: perl-Crypt-PasswdMD5 Issue Correction: Run dnf update perl-Crypt-PasswdMD5...
Amazon Linux 2023 : perl-Crypt-PasswdMD5 (ALAS2023-2026-1796)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1796 advisory. Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Tenable has extract...
Amazon Linux 2 : perl-Crypt-PasswdMD5, --advisory ALAS2-2026-3343 (ALAS-2026-3343)
The version of perl-Crypt-PasswdMD5 installed on the remote host is prior to 1.3-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3343 advisory. Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function ...
EUVD-2026-34896
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.1 use uniqid for generating salts, which is unsuitable. Version 26.0.1 fixes the issue...
SUSE CVE-2026-47372
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
EUVD-2026-31198
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
Linux Distros Unpatched Vulnerability : CVE-2026-47372
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable...
DEBIAN-CVE-2026-47372
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
CVE-2026-47372
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
CVE-2026-47372
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
UBUNTU-CVE-2026-47372
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
CVE-2026-47372
CVE-2026-47372 affects Crypt::SaltedHash for Perl up to version 0.09, where salts are generated using the built-in rand function. This produces insecure, predictable randomness, compromising cryptographic strength. Multiple sources (SUSE, ENISA EUVD, NVD, Debian tracker, CVE lists) describe the s...
CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
PT-2026-42270
Name of the Vulnerable Software and Affected Versions Crypt::SaltedHash versions prior to 0.10 Description Crypt::SaltedHash for Perl generates insecure random values for salts because it utilizes the built-in rand function, which is predictable and unsuitable for cryptographic purposes...